<?php
$smarty->configLoad($lang . '/myprofile.module.php');
$language = parse_ini_file($lang . '/breadcrumb.module.php', true);
$breadcrumb = $language['myprofile'];
if(empty($_GET['userID'])) {
	$_GET['userID'] = $_SESSION['id'];
} 
$smarty->assign('userID', $_GET['userID']);
$sql = 'SELECT * FROM ' . DB_LOGIN . '.account_data WHERE id = :id';
$dbh = $connection->prepare($sql);
if (isset($_GET['userID'])) {
    $dbh->bindValue(':id', $_GET['userID']);
} else {
    $dbh->bindValue(':id', $_SESSION['id']);
}
$dbh->execute();
foreach ($dbh->fetchAll(PDO::FETCH_ASSOC) as $row) {
	$row['access'] = $main->getRights($row['access_level']);
    $value[] = $row;
}
$smarty->assign('value', $value);

$sql = 'SELECT * FROM '.DB_CMS.'.website_access_levels';
$dbh = $connection->prepare($sql);
$dbh->execute();
$access = '';
foreach($dbh->fetchAll(PDO::FETCH_ASSOC) as $row) {
	$access .= '<option value="'.$row['access_level'].'">'.$row['title'].'</option>';
}
$smarty->assign('access', $access);
if(isset($_POST['pw_submit'])) {
		$user = new user;
		$currently_pw_db = $user->getPW($_GET['userID']);
		$currently_pw	 = base64_encode(sha1($_POST['currently'], true));
		if($currently_pw === $currently_pw_db) {
			if(($_POST['new_pw'] === $_POST['new_pw_rpt']) && (!empty($_POST['new_pw']) || !empty($_POST['new_pw_rpt']))) {
				$newpw = base64_encode(sha1($_POST['new_pw'], true));
				$sql = 'UPDATE '.DB_LOGIN.'.account_data SET password = :password WHERE id = :id';
				$dbh = $connection->prepare($sql);
				$dbh->bindValue(':password', $newpw);
				$dbh->bindValue(':id', $_GET['userID']);
				$dbh->execute();
				$main->jqmodal('saved');
				echo '<meta http-equiv="refresh" content="5; URL=index.php?mod=myprofile">';
			} else {
				$main->jqmodal('wrong_rpt');
			}
		} else {
			$main->jqmodal('wrong_cnt');
		}
}



if(isset($_POST['data_submit'])) {

	if(isset($_POST['activated'])) {
		$activated = 1;
	} else {
		$activated = 0;
	}
	$sql = 'UPDATE '.DB_LOGIN.'.account_data SET 
								email = :email, 
								credits = :credits, 
								access_level = :accesslevel, 
								activated = :activated 
								WHERE id = :id';
	$dbh = $connection->prepare($sql);
	$dbh->bindValue(':email', $_POST['mail']);
	$dbh->bindValue(':credits', $_POST['credits']);
	$dbh->bindValue(':accesslevel', $_POST['accesslevel']);
	$dbh->bindValue(':activated', $activated);
	$dbh->bindValue(':id', $_GET['userID']);
	$dbh->execute();
	$main->jqmodal('edited');
	echo '<meta http-equiv="refresh" content="5; URL=index.php?mod=myprofile&userID='.$_GET['userID'].'">';
}
$template = 'myprofile/index.tpl';
?>
